Bug#898543: [Pkg-freeipa-devel] Bug#898543: nss-pem available

Wed, 07 Oct 2020 12:33:51 -0700 

On 7.10.2020 19.11, Harry Coin wrote:

On Fri, 25 Sep 2020 11:46:16 +0300 Timo Aaltonen <tjaal...@debian.org>
wrote:


Hi,

This bug shouldn't happen anymore, as nss-pem is used. There's another
bug (970880) preventing server install right now though.

--
t



   File "/usr/lib/python3/dist-packages/ipaserver/install/cainstance.py",
line 484, in configure_instance
     self.start_creation(runtime=runtime)
   File "/usr/lib/python3/dist-packages/ipaserver/install/service.py",
line 606, in start_creation
     run_step(full_msg, method)
   File "/usr/lib/python3/dist-packages/ipaserver/install/service.py",
line 592, in run_step
     method()
   File "/usr/lib/python3/dist-packages/ipaserver/install/cainstance.py",
line 880, in __request_ra_certificate
     reqId = certmonger.request_and_wait_for_cert(
   File "/usr/lib/python3/dist-packages/ipalib/install/certmonger.py",
line 409, in request_and_wait_for_cert
     raise RuntimeError(

2020-10-07T14:45:28Z DEBUG The ipa-server-install command failed,
exception: RuntimeError: Certificate issuance failed (CA_UNREACHABLE:
Error 35 connecting to
https://registry1.1.quietfountain.com:8443/ca/agent/ca//profileReview:
SSL connect error.)
2020-10-07T14:45:28Z ERROR Certificate issuance failed (CA_UNREACHABLE:
Error 35 connecting to
https://registry1.1.quietfountain.com:8443/ca/agent/ca//profileReview:
SSL connect error.)
2020-10-07T14:45:28Z ERROR The ipa-server-install command failed. See
/var/log/ipaserver-install.log for more information

...

  [11/30]: starting certificate server instance
   [12/30]: configure certmonger for renewals
   [13/30]: requesting RA certificate from CA
   [error] RuntimeError: Certificate issuance failed (CA_UNREACHABLE:
Error 35 connecting to
https://registry1.1.quietfountain.com:8443/ca/agent/ca//profileReview:
SSL connect error.)

_______________________________________________
Pkg-freeipa-devel mailing list
pkg-freeipa-de...@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-freeipa-devel




No need to post it here, as I said 970880 is the other bug. Upstream is 
looking at it.


--
t























					Reply via email to